Handles the creation, reading, deletion overall management of secret vaults.
Represents a reference to an encrypted secret file.
Fields:
Constructor:
PublicKeyFile(string secretName, string secretPath)
Used to initialize a new secret entry when creating a bank.
Fields:
Constructor:
PublicKeyFileInit(string secretName, SecureString? secretPath, SecureString value)
Creates a “bank” JSON file listing public secrets, and optionally initializes individual secret files.
Parameters:
Returns: Task
Exceptions:
Checks for the existence of the bank JSON file.
Parameters:
Returns: Task — true if the bank file exists.
Retrieves and decrypts a public secret value from a bank.
Parameters:
Returns: Task — Decrypted secret value.
Exceptions:
Reads the “Pneumentations” (rotation count) for a public secret.
Parameters: Same as GetPublicSecret minus SecretDecryptKey.
Returns: Task — Current rotation count.
Adds a new secret to an existing bank, creating its file and encrypting its initial value.
Parameters:
Returns: Task
Removes a secret entry from both the bank JSON and deletes its file.
Parameters:
Returns: Task
Lists all logical secret names in the bank.
Rotates (re-hashes) a secret’s value, updates its “Pneumentations” count, and writes back.
Parameters:
Returns: Task — New rotated secret.
WIP — Re-encrypts and/or moves existing secrets to a new bank directory with optional password/key changes.
Parameters:
Returns: Task
Notes: Not production-ready; use with caution.
Tests all of the Accounts system, remember to set the directory!
public async Task AccountsTest()
{
var directory = @"TestFiles\";
await accounts.SetupFiles(directory);
var newUser = await accounts.CreateUser("RedEyedXaXa", "GGO_NoRespawn$SinonTargeted@Midnight".ToSecureString(true), directory);
Console.WriteLine("New User Created, password recovery key: " + newUser.ConvertToString());
var loginUser = await accounts.LoginUser("RedEyedXaXa", directory, "GGO_NoRespawn$SinonTargeted@Midnight".ToSecureString(true));
Console.WriteLine("Login User File Encryption Key: " + loginUser.ConvertToString());
var resetTest = await accounts.ResetPassword("RedEyedXaXa", directory, "XeXeed_Offline$KillCode_2077*VR".ToSecureString(true), newUser);
Console.WriteLine("Password Reset Key: " + resetTest.ConvertToString());
}
Turns a byteArray back into a string using BinaryConverter.ByteArrayToObjectAsync
public async Task<string> FromByte(byte[] byteArray)
{
return await BinaryConverter.ByteArrayToObjectAsync<string>(byteArray);
}
Turns an Operation object into bytes before turning it back into an Operation and ensuring the values are still as they should be.
public async void TestObjectToByteArrayAsync()
{
BinaryConverter binaryConverter = new BinaryConverter();
Operation operation = new Operation();
// Convert the operation object to a byte array
byte[] byteArray = await BinaryConverter.ObjectToByteArrayAsync(operation);
Console.WriteLine("Byte array length: " + byteArray.Length);
// Convert the byte array back to an object
Operation convertedOperation = await BinaryConverter.ByteArrayToObjectAsync<Operation>(byteArray);
Console.WriteLine("Converted Operation Name: " + convertedOperation.OperationName);
Console.WriteLine("Converted Description: " + convertedOperation.Description);
Console.WriteLine("Converted Yorha Sect: " + convertedOperation.YorhaSect);
Console.WriteLine("Converted IsActive: " + convertedOperation.IsActive);
Console.WriteLine("Converted MaxLevel: " + convertedOperation.MaxLevel);
Console.WriteLine("Converted Difficulty: " + convertedOperation.Difficulty);
Console.WriteLine("Converted AttackSpeed: " + convertedOperation.AttackSpeed);
Console.WriteLine("Converted CreatedAt: " + convertedOperation.CreatedAt);
Console.WriteLine("Converted Operators Count: " + convertedOperation.Operators.Count);
Console.WriteLine("Converted Enemies Count: " + convertedOperation.Enemies.Count);
Console.WriteLine("Converted Weapons Count: " + convertedOperation.Weapons.Count);
//Newline spacer
Console.WriteLine(Environment.NewLine);
Console.WriteLine(Environment.NewLine);
}
Turns a string into a byte array using the BinaryConverter.ObjectToByteArrayAsync method
public async Task<byte[]> ToByte()
{
return await BinaryConverter.ObjectToByteArrayAsync("This is a test string.");
}
Provides methods to serialize, encrypt, decrypt, and deserialize objects using JSON + AES.
Serializes an object of type T to JSON, wraps it with its assembly-qualified type name, Base64-encodes, then encrypts via AES-GCM.
Parameters:
Process:
Returns: Task — The encrypted Base64 JSON wrapper as a single string.
Decrypts and deserializes a string previously produced by PackData back into the original object.
Parameters:
Process:
Returns: Task — The deserialized object instance.
Exceptions:
A system focused on creating a reliable system for data sharing between programs (outside of named pipes).
Global configuration for directory- and session-related timeouts and keys.
Properties (static):
Methods (static):
Holds common filesystem paths for a given “service” installation.
Properties:
Constructors:
DirectoryData() { }
DirectoryData(
string companyPath,
string mainServicePath,
string serviceParent,
string author,
string software,
string userSharedResources,
string userFolder,
string exePath,
string program
)
Encapsulates a per-tier encrypted key and its signatures.
Properties:
Constructors:
EncryptedTier() { }
EncryptedTier(byte[] signedEncryptedTier, string encryptedTierPass, byte[] signedTierPass)
Finds the full path of an executable on the system.
Checks whether filePath resides under baseDirectory.
Builds standard folder layout under %LocalAppData%{author}.
Verifies “CORE.json” integrity by checking a signed “mother path” entry.
Ensures the executable for programName resides within MainServicePath.
Bootstraps a brand-new “service” instance:
Registers a new application under an existing “service”:
Marks a program as blacklisted:
Removes a program from the blacklist:
Removes an allowed program entry:
Composite check that both:
are still intact. Throws on failure.
Retrieves a machine-unique board serial number across Windows, Linux, and macOS by executing platform-specific commands.
Detects the current OS and invokes the appropriate system command to fetch the motherboard’s serial number.
Helper that executes a shell command and returns its last non-empty output line.
Represents a JSON file on disk along with its parsed data.
Fields:
Constructor:
csharp
PariahJSON(string fileName, string filePath, JObject data)
Initializes a new instance with the given file name, file path, and JSON data.
Creates a new .json file containing the provided default data.
Loads and parses an existing .json file into a PariahJSON struct.
Encrypts and adds a new data field to the in-memory JSON.
Removes a property from the in-memory JSON.
Replaces an existing JSON property with new encrypted data.
Retrieves and decrypts a previously added JSON property.
Checks whether a given property exists and is a string.
Serializes and writes the in-memory JSON back to its original file location.
Handles the Salting and Hashing of Data
Holds the salt and hash produced when generating a password hash.
Fields:
Constructor:
PasswordCheckData(string saltKey, string hashKey)
Initializes both fields.
Provides methods to generate and validate password hashes using Argon2id with a cryptographically secure salt.
Creates a new random salt and computes an Argon2id hash of the given password.
Verifies a password by re-computing its Argon2id hash with the stored salt and comparing securely.
Internal helper that runs Argon2id synchronously within a Task to produce a raw hash byte array.
Performs a constant-time comparison between two byte arrays to prevent timing attacks.
A barebones local account system
Represents a user account’s stored data.
Properties:
Constructors:
AccountData() { } // For deserialization
AccountData(string username,
PasswordCheckData password,
string dataEncryptionKey,
string recoveryDataKey)
internal SecureString PublicKey
Default key used to encrypt/decrypt the account list JSON.
internal void ChangePublicKey(string NewVal)
Updates PublicKey to a new value (wrapped in SecureString).
Initializes a fresh “Users.json” in the specified directory containing an empty account list.
Parameters:
Returns: Task
Creates a new user entry, storing:
Parameters:
Returns: Task — The recovery key (for password resets).
Exceptions:
Validates credentials and, on success, returns the user’s data-encryption key.
Parameters:
Returns: Task — Decrypted data-encryption key.
Exceptions:
Uses the stored recovery key to re-encrypt a new password and rotation of encryption keys:
Parameters:
Returns: Task — The new data-encryption key.
Exceptions:
A more robust account system with token verification, session checks, expiries, etc.
markdown
Represents a user’s active session record.
Properties:
Constructors:
ActiveSession() { }
ActiveSession(string username,
string sessionID,
string sessionKey,
string expiry,
string isTrusted,
string checksAndLastTry)
Encapsulates the decrypted session details returned to the caller.
Properties (all SecureString):
Constructors:
ConnectedSessionReturn() { }
ConnectedSessionReturn(string username,
string sessionKey,
string sessionID,
SecureString directory)
Holds both the initial session info and recovery key when creating a new user.
Properties:
Constructors:
ReturnCreateUser() { }
ReturnCreateUser(ConnectedSessionReturn sessionReturn,
SecureString recoveryKey)
Global configuration for session lifetimes and recovery policies.
Properties (static):
Methods (static):
Same as in Accounts, stores per-user credentials and encryption keys.
Properties:
Constructors:
AccountData() { }
AccountData(string username,
PasswordCheckData password,
string dataEncryptionKey,
string recoveryDataKey)
Initializes Users.json with empty AccountsList and empty Sessions arrays.
Parameters:
Returns: Task
Registers a new user and returns a recovery key.
Steps:
Returns: Task — The recovery key.
Exceptions: If username already exists.
Authenticates credentials and creates a new session.
Parameters:
Process:
Returns: Task<(SecureString dataKey, ConnectedSessionReturn sessionInfo)>
Exceptions: On invalid credentials or I/O errors.
Checks session validity, expiry, and integrity; extends expiry if valid.
Parameters:
Process:
Exceptions: On tampering or parsing errors.
Invalidates a session immediately.
Process: Calls ValidateSession (throws if invalid), then removes the session record and saves JSON.
Returns: Task
Deletes a user account and all its sessions.
Process:
Returns: Task
Allows password reset from within an active session, enforcing recovery-policy limits.
Process:
Returns: Task
Exceptions: On recovery key failures or policy triggers.
Returns the list of all registered usernames.
Parameters:
Returns: Task<List>
Tests all of the AccountsWithSessions system
public static async Task AccountsWithSessionsTest()
{
var directory = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), "PariahCybersecTest", "TestFilesAsync");
if (Directory.Exists(directory))
{
Directory.Delete(directory, true); // `true` means recursive deletion
Console.WriteLine("Directory and its contents reset.");
}
Directory.CreateDirectory(directory);
Console.WriteLine(directory);
string username = "testUser";
SecureString password = "testPassword123".ToSecureString(true); // Convert to SecureString
string recoveryPassword = "recoveryPassword123"; // Recovery password
// Initialize the object that has the methods
var userManagement = new DataHandler.AccountsWithSessions();
// Setup files (Initialize JSON structure)
await userManagement.SetupFiles(directory);
// Create a user
SecureString recoveryKey = await userManagement.CreateUser(username, password, directory);
Console.WriteLine($"User created. Recovery key: {recoveryKey.ConvertToString()}");
// Login the user
var loginResult = await userManagement.LoginUser(username, directory, password, true);
Console.WriteLine($"User logged in. Session ID: {loginResult.Item2.SessionID}");
// Validate the session
bool isSessionValid = await userManagement.ValidateSession(loginResult.Item2, loginResult.Item1);
Console.WriteLine($"Is session valid: {isSessionValid}");
// Reset password
var newPassword = "newPassword123".ToSecureString(true);
await userManagement.ResetPassword(loginResult.Item2, loginResult.Item1, newPassword, recoveryKey);
Console.WriteLine("Password reset successfully.");
// Logout user (Remove if testing remove account, you need to be logged in to remove your acc)
await userManagement.LogoutUser(loginResult.Item2, loginResult.Item1);
Console.WriteLine("User logged out.");
// Remove account
await userManagement.RemoveAccount(loginResult.Item2, loginResult.Item1);
Console.WriteLine("Account removed successfully.");
}
Tests all of the DataRequestTest system (Keep in mind you need to make a dummy exe that is running within the local path; this will be fixed based on a few thoughts i've gotten)
public static async Task DataRequestTest()
{
var author = "Zakstar";
var software = "TournamentOfBullets";
var serviceParent = "GunGaleOnline";
var programName = "GunGaleOnlineLauncher";
var password = "TestPassword123!".ToSecureString(true);
var identifier = "Gun Gale Online".ToSecureString(true);
var username = "Launcher";
var tierCount = 1;
// Simulated PublicKey (normally this would be a PQC public key)
var publicKey = "SimulatedPublicKeyShouldBe32CharsLong".ToSecureString(true);
var manager = new Pariah_Cybersecurity.DataHandler.DataRequest();
// Test: GetPaths
var directoryData = await manager.GetPaths(identifier, software, author, programName, serviceParent);
Console.WriteLine("GetPaths test completed.");
var createdSystem = await manager.CreateNewSystem(username, identifier, password, software, author, "DummyExePath", serviceParent, tierCount, publicKey);
Console.WriteLine($"CreateNewSystem returned: {createdSystem.ConvertToString()}");
// Test: CreateNewApp
var createdApp = await manager.CreateNewApp("Tower Of Bullets", password, directoryData.MainServicePath, directoryData, "0", publicKey);
Console.WriteLine($"CreateNewApp returned: {createdApp.ConvertToString()}");
// Test: CheckMainPathValidity
var validityCheck = await manager.CheckMainPathValidity(directoryData, publicKey);
Console.WriteLine($"CheckMainPathValidity: {validityCheck}");
// Test: ValidateProgram
var validate = await manager.ValidateProgram(directoryData, programName, publicKey);
Console.WriteLine($"ValidateProgram: {validate}");
}
The DataHandler holds most of the classes in Pariah Cybersecurity, heavily outweighing other classes in number.
This uses KYBERS CRYSTAL for handling secrets; this is great for one time passes, exchanges, etc.
Holds AES-GCM encrypted data and its associated IV.
Creates a public and private key (tuple.Item1, tuple.Item2). The public key should be shared, but the private key should only be on the the device that made/called the function.
Creates a secret using the public key, returning a KeyAndEncryptedText object; check this when fixing example section
Parameters:
Returns: Task<byte[]>
Creates a second secret using the private key and a cipher (within the KeyAndEncryptedText object as key).
Parameters:
Returns: Task
The Rotation class is responsible for generating and rotating session keys, typically used to create a new session key by hashing a base key multiple times with salt for enhanced security.
Generates an initial key and salt combination. The key is hashed using the ShakeDigest (SHAKE256) algorithm 1000 times along with a randomly generated salt. The resulting key and salt are returned as Base64-encoded strings.
Rotates an existing key multiple times based on the number of rotations specified. Each rotation involves hashing the key and the salt using the ShakeDigest algorithm. After the specified number of rotations, the resulting key is returned as a Base64-encoded string.
Converts an input string to a Base64-encoded string.
This uses Dilithium for creating fingerprints, commonly used for ensuring data hasn't been tampered!
Creates a public and private key asynchronously (tuple.Item1, tuple.Item2). The public key should be shared, but the private key should only be on the the device that made/called the function.
Creates a signature asynchronously through a private key and an input.
Parameters:
Returns: Task<byte[]>
Verifies the input data using the public key, the saved signature and a reference input as a string.
Parameters:
Returns: Task
Verifies the input data using the public key, the saved signature and a reference input as a byte array.
Parameters:
Returns: Task
Packs and unpacks a file (be sure to set filepath, filepath2 and output!)
public void FileTest()
{
var filePath = @"C/finally-all-the-chin-woo-artworks-in-high-quality-v0-f5bnem4v03oe1.png";
var filePath2 = @"images.jfif";
var fileOutput = @"TestFiles";
// Generate a valid key pair
var (publicKey, privateKey) = EasyPQC.Signatures.CreateKeys().Result;
// Pack the file
var pack = EasyPQC.FileOperations.PackFiles(
filePath,
fileOutput,
Encoding.UTF8.GetBytes("Test"), // Use a valid private key
"Password".ToSecureString(true), // SecureString for encryption
null,
EasyPQC.FileOperations.CompressionLevel.Fast,
true
).Result;
Console.WriteLine("Packed file: " + pack);
// Unpack the file
var unpack = EasyPQC.FileOperations.UnpackFile(
pack,
fileOutput,
Encoding.UTF8.GetBytes("Test"), // Use the corresponding public key
null,
EasyPQC.FileOperations.CompressionLevel.Fast,
"Password".ToSecureString(true) // SecureString for decryption
).Result;
Console.WriteLine("Unpacked file: " + unpack);
// Test with a wrong password
var falseUnpack = EasyPQC.FileOperations.UnpackFile(
pack,
fileOutput,
Encoding.UTF8.GetBytes("Test"), // Use the corresponding public key
null,
EasyPQC.FileOperations.CompressionLevel.Fast,
"WrongPassword".ToSecureString(true) // Incorrect SecureString
).Result;
Console.WriteLine("Unpacked file with wrong password: " + falseUnpack);
}
A fun way to imagine how the key system would be used for a Matrix style client
public void KeysMsgTest()
{
var members = new[] { "Kirito", "Asuna", "Klein", "Lisbeth", "Silica" };
var publicKeys = new Dictionary<string, Dictionary<string, byte[]>>();
var privateKeys = new Dictionary<string, Dictionary<string, byte[]>>();
// Step 1: Everyone generates a keypair
foreach (var member in members)
{
var keys = EasyPQC.Keys.Initiate();
publicKeys[member] = keys.Item1;
privateKeys[member] = keys.Item2;
}
Console.WriteLine("Everyone has generated their keys!\n");
// Step 2: Everyone (except Kirito) establishes a shared key with Kirito
foreach (var member in members)
{
if (member == "Kirito") continue;
var shared = EasyPQC.Keys.CreateSecret(publicKeys["Kirito"]);
var sharedSecret = shared.key;
Console.WriteLine($"🔐 {member} → Kirito:");
Console.WriteLine($" Shared Secret: {Convert.ToBase64String(sharedSecret)}");
// Simulating message send using the shared key
Console.WriteLine($" Message from {member}: \"Hey Kirito, let's meet up at the mall!\"\n");
}
Console.WriteLine("SAO Mall Chat setup complete! 🎉");
}
Initiates the keys system, then creates secrets one and two.
public void KeysTest()
{
var keyPass = "This is a test password!";
var keys = EasyPQC.Keys.Initiate();
var secretOne = EasyPQC.Keys.CreateSecret(keys.Item1);
var sOnea = secretOne.text;
var sOneb = secretOne.key;
Console.WriteLine(Environment.NewLine);
Console.Write("Secret One: " + Convert.ToBase64String(sOnea));
Console.WriteLine(Environment.NewLine);
Console.Write("Key One: " + Convert.ToBase64String(sOneb));
var SecretTwo = EasyPQC.Keys.CreateSecretTwo(keys.Item2, sOnea);
Console.WriteLine(Environment.NewLine);
Console.WriteLine("Secret Validation " + Convert.ToBase64String(SecretTwo));
}
Creates an initial key before rotating it 20 times.
public async Task RotateTest()
{
var rotation = new EasyPQC.Rotation();
Console.WriteLine("Initial Key");
var initkey = await rotation.CreateInitialKey("I need more power.");
Console.WriteLine("Initial Salt: " + initkey.Item1);
Console.WriteLine("Initial Key: " + initkey.Item2);
var rot = new EasyPQC.Rotation();
//Multirotation test
int rotationCount = 20;
int round = 0;
string currentKey = initkey.Item2;
while (rotationCount >= round)
{
var rotatedKey = await rot.RotateKey(currentKey.ToSecureString(true), round, initkey.Item2);
Console.WriteLine($"Rotated Key for round {round}: " + rotatedKey);
round++;
}
Creates two keys and a signature, before testing both VerifySignature methods.
public async Task SignatureTest()
{
// Generate key pair
var (publicKeyDict, privateKeyDict) = await EasyPQC.Signatures.CreateKeys();
var message = "This is a test message.";
// Encode and display key data
Console.WriteLine("Public Key (Base64):");
foreach (var kv in publicKeyDict)
Console.WriteLine($"{kv.Key}: {Convert.ToBase64String(kv.Value)}");
Console.WriteLine("\nPrivate Key (Base64):");
foreach (var kv in privateKeyDict)
Console.WriteLine($"{kv.Key}: {Convert.ToBase64String(kv.Value)}");
Console.WriteLine();
// Create signature
var signature = await EasyPQC.Signatures.CreateSignature(privateKeyDict, message);
Console.WriteLine("Signature (Base64): " + Convert.ToBase64String(signature));
Console.WriteLine();
// Verify signature
var isValid = await EasyPQC.Signatures.VerifySignature(publicKeyDict, signature, message);
Console.WriteLine("Signature valid Test Result: " + isValid);
Console.WriteLine();
// Verify with an invalid message
var invalidMessage = "InvalidSignature";
var invalidTest = await EasyPQC.Signatures.VerifySignature(publicKeyDict, signature, Encoding.UTF8.GetBytes(invalidMessage));
Console.WriteLine("Invalid Signature Test Result: " + invalidTest);
Console.WriteLine("\n\n");
int i = 0;
while (12 <= i)
{
Console.WriteLine(Environment.NewLine);
i++;
}
Console.WriteLine("Summary:");
Console.WriteLine("Signature valid Test Result: " + isValid);
Console.WriteLine("Invalid Signature Test Result: " + invalidTest);
}
EasyPQC (Or Easy Post Quantum Cryptography) is a C# class focused on more social aspects of cryptography (Such as secret passing and the like. This contains four parts you should be looking at;
and three functions
Same as the method above, but with support for cancellation using a CancellationToken.
csharp
using var cts = new CancellationTokenSource();
await FileUtils.WriteAllBytesAsync("output.dat", myData, progress => Console.WriteLine(progress), cts.Token);
Reads all bytes from the specified file asynchronously using a buffered approach.
csharp
byte[] data = await FileUtils.ReadAllBytesAsync("input.dat");
One of my hardest scripts, but this has key turning in it (Constnatly making an encryption key available to everyone that's part of the group)
First, the leader creates a Kyber public private key pair and the public key is shared
Everyone uses the public key to create a key encapsulation, this is our session key
We encrypt the session key using AES256GCM and give it to everyone
Everyone signs their key using Dilithium, then when a message is sent we always verify it
When a message is sent, we encrypt the message with the current version of the session key
A nonce is created/signed for every message (contains a counter, the username, previous session key and message hash)
Automatically we know the user is the user if the nonce is able to be both decrypted and read
The session key is evolved with SHAKE256
After an interval (could be time or amount of messages), we create a new kyber key, with dilithium used for authenticity (rotation)
Represents a file that has been packed (compressed and optionally encrypted) with its associated signature.
Fields:
Methods:
Defines the level of compression for LZ4 compression.
Delegate for reporting the progress of a file compression or decompression operation.
Compresses a file asynchronously using LZ4 and reports progress.
Parameters:
Returns: Task: The path to the compressed file.
Decompresses a file asynchronously using LZ4 and reports progress.
Parameters:
Returns: Task: The path to the decompressed file.
Hashes a file asynchronously using Blake3.
Parameters:
Returns: Task<byte[]>: The computed hash of the file.
Verifies the integrity of a file by comparing its hash to a provided signature.
Parameters:
Returns: Task: true if the hash matches the signature, otherwise false.
Compresses a file, creates a signed hash, and optionally encrypts the file.
Parameters:
Returns: Task: A PackedFile containing the packed file and its signature.
Unpacks and decompresses a file, verifying its signature and decrypting it if necessary.
Parameters:
Returns: Task: true if the file was successfully unpacked and verified, otherwise false.
Generates secure random passwords based on customizable criteria (character sets and length), has a singular function;
Generates a random password using the specified character types and length.
Parameters:
Returns: string — The generated password.
Exceptions:
Walker.Crypto offers simple/easy AES256GCM based cryptography! There are three different classes you should be looking at:
Walker.Crypto.SimpleAESEncryption
Walker.Crypto.AsyncAESEncryption
Walker.Crypto.AESFileEncryptor (Used in EasyPQC.FileOperations for PackFiles and UnpackFile)
A fun little function for encrypting and decrypting a file with AES256GCM.
An integer representing the size of each chunk encrypted (in this case 4418.)
Encrypts a file asynchronously using AES-GCM. Reads the input file in chunks, encrypts each chunk, and writes the result to the output file.
Parameters:
Returns: Task
Decrypts an encrypted file asynchronously. Reads the encrypted file in chunks, decrypts each chunk, and writes the result to the output file.
Parameters:
Returns: Task
Provides async-based AES-GCM encryption and decryption with password-derived keys. Includes file encryption helpers, progress tracking, and byte array support.
Holds AES-GCM encrypted data along with the IV.
Fields:
Methods:
Encrypts plain text using AES-GCM asynchronously. Returns an AESEncryptedText containing the IV and encrypted data.
Parameters:
Returns: Task
Decrypts an AESEncryptedText asynchronously and returns the result as a string.
Parameters:
Returns: Task
Decrypts a string with a given IV asynchronously using the provided password.
Parameters:
Returns: Task
Encrypts a byte array asynchronously. Returns the encrypted data wrapped in an AESEncryptedText.
Parameters:
Returns: Task
Decrypts an AESEncryptedText asynchronously and returns the result as a byte array.
Parameters:
Returns: Task<byte[]>
Provides simple, sync-based AES-GCM encryption and decryption with a key derived from a password. Includes helpers for secure key generation and basic parsing.
Holds AES-GCM encrypted data and its associated IV.
Fields:
Methods:
Encrypts plain text using AES-GCM. Outputs both the encrypted content and IV.
Parameters:
Returns: AESEncryptedText
Decrypts a previously encrypted value using its IV and the original password. Returns a secure string.
Parameters:
Returns: SecureString
Takes the raw Base64 ciphertext and IV, decrypts it using the password, and returns the plain string.
Parameters:
Returns: string
Creates a secure random byte array of the given size.
Parameters:
Returns: byte[]
Hashes the password with SHA-256 and adjusts the result to the specified byte length.
Parameters:
Returns: byte[]
Encrypts a file before decrypting it.
public async Task<string> AESFileEcryptorTest()
{
var password = "ShadowLord".ToSecureString(true);
string inputFilePath = @"TestFiles\finally-all-the-chin-woo-artworks-in-high-quality-v0-tgmaxu5u03oe1.png";
string encryptedFilePath = @"TestFiles\finally-all-the-chin-woo-artworks-in-high-quality-v0-tgmaxu5u03oe1_encrypted.png";
string decryptedFilePath = @"TestFiles\finally-all-the-chin-woo-artworks-in-high-quality-v0-tgmaxu5u03oe1_decrypted.png";
// Encrypt the file and report progress to the console
double encryptionProgress = 0.0;
await AESFileEncryptor.EncryptFileAsync(inputFilePath, encryptedFilePath, password, progress =>
{
encryptionProgress = progress;
Console.WriteLine("Encryption Progress: " + (progress * 100) + "%");
});
Console.WriteLine("Encrypted file saved at: " + Path.GetFullPath(encryptedFilePath));
// Decrypt the file and report progress to the console
double decryptionProgress = 0.0;
Console.WriteLine("Starting file decryption...");
await AESFileEncryptor.DecryptFileAsync(encryptedFilePath, decryptedFilePath, password, progress =>
{
decryptionProgress = progress;
Console.WriteLine("Decryption Progress: " + (progress * 100) + "%");
});
Console.WriteLine("Decrypted file saved at: " + Path.GetFullPath(decryptedFilePath));
Console.WriteLine(Environment.NewLine);
Console.WriteLine(Environment.NewLine);
return "Done";
}
Encrypts a string using SimpleAESEncryption.Encrypt and decrypts with SimpleAESEncryption.Decrypt before doing the same with the async methods and a tracking method
public async Task<string> SimpleAESEncryptionTest()
{
var password = "ShadowLord".ToSecureString(true);
var encryptasynctest = SimpleAESEncryption.Encrypt("This is a test string.", password);
Console.WriteLine("Encrypted string (SimpleAESEncryptionTest): " + encryptasynctest);
Console.WriteLine(encryptasynctest.IV);
Console.WriteLine(encryptasynctest.EncryptedText);
var decryptasynctest = SimpleAESEncryption.Decrypt(encryptasynctest, password);
Console.WriteLine("Decrypted string (SimpleAESEncryptionTest): " + decryptasynctest);
double progressPercentage = 0.0;
var enctest1 = await AsyncAESEncryption.EncryptAsync("This is a test string.", password, progress =>
{
progressPercentage = progress;
Console.WriteLine("Progress: " + progressPercentage + "%");
});
Console.WriteLine("Encrypted string (SimpleAESEncryptionTest): " + enctest1);
var decryptPercentage = 0.0;
var dectest1 = await AsyncAESEncryption.DecryptAsync(enctest1, password, progress =>
{
decryptPercentage = progress;
Console.WriteLine("Decryption Progress: " + decryptPercentage + "%");
});
Console.WriteLine("Decrypted string(SimpleAESEncryptionTest): " + dectest1);
Console.WriteLine(Environment.NewLine);
Console.WriteLine(Environment.NewLine);
return "Done";
}
Ensures that a wrong password can't be used (Was a huge issue during testing, requiring a lot of the file logic in AESFileEncryptor to be rewritten)
public async Task WrongAESFilePasswordTest()
{
try
{
var password = "ShadowLord".ToSecureString(true);
string inputFilePath = @"TestFiles\finally-all-the-chin-woo-artworks-in-high-quality-v0-tgmaxu5u03oe1.png";
string encryptedFilePath = @"TestFiles\finally-all-the-chin-woo-artworks-in-high-quality-v0-tgmaxu5u03oe1_encrypted.png";
string decryptedFilePath = @"TestFiles\finally-all-the-chin-woo-artworks-in-high-quality-v0-tgmaxu5u03oe1_decrypted.png";
// Encrypt the file and report progress to the console
double encryptionProgress = 0.0;
await AESFileEncryptor.EncryptFileAsync(inputFilePath, encryptedFilePath, password, progress =>
{
encryptionProgress = progress;
Console.WriteLine("Encryption Progress: " + (progress * 100) + "%");
});
Console.WriteLine("Encrypted file saved at: " + Path.GetFullPath(encryptedFilePath));
// Decrypt the file and report progress to the console
double decryptionProgress = 0.0;
Console.WriteLine("Starting file decryption...");
await AESFileEncryptor.DecryptFileAsync(encryptedFilePath, decryptedFilePath, "WrongPassword".ToSecureString(true), progress =>
{
decryptionProgress = progress;
Console.WriteLine("Decryption Progress: " + (progress * 100) + "%");
});
Console.WriteLine("Decrypted file saved at: " + Path.GetFullPath(decryptedFilePath));
Console.WriteLine(Environment.NewLine);
Console.WriteLine(Environment.NewLine);
}
catch
{
Console.WriteLine("Bad password");
}
}
Pariah Cybersecurity is a .NET 8.0 Based Library. Primarily developed for programs like the XRUIOS, Project Replicant and Database Designer, it contains a suite of tools meant to make development both easy and secure for developers of all levels!
This is fully open source and free forever! It was made to target Windows, Linux and MacOS!
Learn More About Walker Industries!
Join the Discord!
Support Me on Patreon!
Keep Up With Kennaness' Art Process!!
(Note, there are many comments all around; you'll see as time continued they decreased in quality and quantity. I plan on adding more comments again at a later time, but I currently have other projects I would like to focus on! There are a few functional updates which will come later, but after SecureString is fixed, everything should be fine to use in production!)
🔐Walker.Crypto.Keys.AsyncAESEncryption - Easy To Use AES256-GCM Based Encryption
📄JSONDataHandler - A Simple Yet Powerful Method Of Writing, Saving and Getting Data
🗝️SecretManager - A Local Based Secrets Manager
📨DataRequest - For Creating, Storing and Getting Data Readable By Other Programs Securely
👤Accounts - A Barebones Example Of A Local Based Account System
🔐AccountsWithSessions - A Secure, Local Based Account System With Session Verification
And Much, Much More!
Check the Find The Right Solution For You! Page To Learn More! This also acts as the table of contents!
You Can Also Use The Pariah's Codex of Autonomous Instruments To View Almost All Pariah Focused Functions!
Finally, you can view examples directly within The Pariah's Grimoire of Applied Functionality!
Let's say you have some data you want to save, like
var YareliGallery = List<Custom.ImageObj>`
With Pariah Cybersecurity, all you have to do is
//Create a new Pariah Object on Disc
await JSONDataHandler.CreateJsonFile(pathToSaveTo, "Yareli Gallery", new JObject {} );
//Load the PariahJSON you just made
var loadedGalleryFile = await JSONDataHandler.LoadJsonFile(pathToSaveTo, "Yareli Gallery");
//Add the gallery list to the PariahJson
var savedGallery = await JSONDataHandler.AddToJson<List<Custom.ImageObj>>(loadedGalleryFile, "Gallery", YareliGallery, Password);
//Save the PariahJSON
await JSONDataHandler.SaveJson(savedGallery);
Now, whenever you want to get your variable, all you need to do is use
//Load the PariahJson from disc
var loadedGalleryFile = await JSONDataHandler.LoadJsonFile(pathToSaveTo, "Yareli Gallery");
//Get the GalleryFile value
var loadedGallery = await JSONDataHandler.GetVariable<List<Custom.ImageObj>>(loadedGalleryFile, "Gallery", Password);
Keep in mind; there are a lot of systems within Pariah. Go to the Examples Directory and you can see specific examples for the library you'll be using!
Note: While most things have documentation, I didn't bother making documentation for the smaller things that don't have as much precedence (Like the Ceras formatters for EasyPQC)
| Title | Description | Function # |
|---|---|---|
| EasyPQC.Signatures | Dilithium Based Signing | 8 |
| EasyPQC.Keys | KYBERS CRYSTAL Based Public/Private Pairs | 8 |
| EasyPQC.FileOperations | LZ4 Compression, Blake3 Signing and AES Cryptography All In One | 9 |
| EasyPQC.Rotation | SHAKE256 Based Password Rotation | 3 |
| Title | Description | Function # |
|---|---|---|
| Walker.Crypto.SimpleAESEncryption | Sync Based AES256-GCM Cryptography | 6 |
| Walker.Crypto.AsyncAESEncryption | Async Based AES256-GCM Cryptography | 5 |
| Walker.Crypto.AESFileEncryptor | A Simple Method To Encrypt and Decrypt Files | 2 |
| Title | Description | Function # |
|---|---|---|
| PasswordGenerator.GeneratePassword | Random String Based Generation | 1 |
Note; everything after is within the DataHandler Class (DataHandler.JSONDataHandler, DataHandler.PasswordHandler, etc.)
| Title | Description | Function # |
|---|---|---|
| DataHandler.JSONDataHandler | Easy JSON Based File Handling (Highly Suggest) | 8 |
| DataHandler.SaltAndHashing | Password Creation And Verification with Argon2 | 5+ |
| DataHandler.DataEncryptions | Easy Data Based Packing and Unpacking | 2 |
| DataHandler.SecretManager | Public Secret Rotation, Management and Migration | 10+ |
| DataHandler.DeviceIdentifier | Device Fingerprinting Tool | 2 |
| DataHandler.DataRequest | Software to Software Based Data Communication Protocol | 12+ |
| DataHandler.Accounts | Local User Creation, Login, and Recovery | 5 |
| DataHandler.AccountsWithSessions | Session Based Local Account Management | 10+ |
| Title | Description | Function # |
|---|---|---|
| Utilities.Tools | UUID and Random String Generators | 2 |
| Title | Description | Function # |
|---|---|---|
| BinaryConverter | Object/Byte Array Conversion Tools | 4 |
IMPORTANT: There is a Ceras based binary serializer and a non Ceras based one; it's highly recommended to use the Ceras one for the time being due to it's speed compared to the non ceras method; the non ceras method will be fine as is right now, but using Ceras for all other operations will have a noticeable lag. A cofig must also be made for special items and classes; else errors at runtime appear (Look at Signatures and Keys' library, specifically Encode and Decode). In the future, all items will be turned to a byte array before being switched back to a ceras serialized item.
When using JSONDataHandler, ensure you have a parameterless constructor (as seen across the Accounts systems), else your classes will get errors. Example:
public class EncryptedTier
{
public byte[] SignedEncryptedTier { get; set; }
public string EncryptedTierPass { get; set; }
public byte[] SignedTierPass { get; set; }
public EncryptedTier() { } // Required for deserialization
public EncryptedTier(byte[] signedEncryptedTier, string encryptedTierPass, byte[] signedTierPass)
{
SignedEncryptedTier = signedEncryptedTier;
EncryptedTierPass = encryptedTierPass;
SignedTierPass = signedTierPass;
}
}
Finally, when using PariahJson, do not try to save libraries as weird tuples; as an example, during my debugging and testing I saw that
Dictionary<string, string>
Worked fine, whereas
Dictionary<string, (item, item2. item3)>
Would return null items on GetVariable. Instead, it's better to do something like
public class ItemHolder
{
public string item1
public string item2
public string item3
public ItemHolder() { } // Required for deserialization
}
Dictionary<string, itemHolder>
A comprehensive reference for all classes and functions in Pariah Cybersecurity
These are examples I created while testing Pariah Cybersecurity! For some things (such as Pack and Unpack data) I skipped them, since they are used at least 50 times through testing within other functions!
Note: Be sure to also include private readonly DataHandler.Accounts accounts = new DataHandler.Accounts();